General
-
Target
9ac324196d115d9484c64a6ec939e954b016d9c9f5a1f0ccf9e3a0698802ff12
-
Size
170KB
-
Sample
240526-hkv9habc95
-
MD5
ea843113c250841274116df7cedb729c
-
SHA1
fe5cae56b15a07cba611bc17009857a80c897143
-
SHA256
9ac324196d115d9484c64a6ec939e954b016d9c9f5a1f0ccf9e3a0698802ff12
-
SHA512
43fb94a522c0026054f8b8645f69083e01749bbeac2833df27f6e6c39524ff15a270cdf1ee9d820715c03c4707b32271fecafb039e5f8c1c96e2e4c2d8b890f9
-
SSDEEP
3072:MhPm77B1ZDwB76mVlZPFEqrtI/j4PMG5vY:oWd1ZDg7HhEqrGjm5vY
Malware Config
Targets
-
-
Target
9ac324196d115d9484c64a6ec939e954b016d9c9f5a1f0ccf9e3a0698802ff12
-
Size
170KB
-
MD5
ea843113c250841274116df7cedb729c
-
SHA1
fe5cae56b15a07cba611bc17009857a80c897143
-
SHA256
9ac324196d115d9484c64a6ec939e954b016d9c9f5a1f0ccf9e3a0698802ff12
-
SHA512
43fb94a522c0026054f8b8645f69083e01749bbeac2833df27f6e6c39524ff15a270cdf1ee9d820715c03c4707b32271fecafb039e5f8c1c96e2e4c2d8b890f9
-
SSDEEP
3072:MhPm77B1ZDwB76mVlZPFEqrtI/j4PMG5vY:oWd1ZDg7HhEqrGjm5vY
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Suspicious use of SetThreadContext
-